
Discussion Communities: Merit Network Email List Archives

Network Security

FW: Security In The News - March 26, 2004

  • From: Howell, Paul
  • Date: Sat Mar 27 09:06:20 2004

-----Original Message-----
From: dailyreport@ists.dartmouth.edu [mailto:dailyreport@ists.dartmouth.edu]
Sent: Friday, March 26, 2004 4:59 PM
To: subscriber (2554)
Subject: Security In The News - March 26, 2004

Security In The News
LAST UPDATED: 3/26/04
This report is also available on the Internet at http://news.ists.dartmouth.edu/todaysnews.html

Homeland Security & Infrastructure Protection

Ottawa to set up secure communication system safe from hackers
Canoe Money, 3/25/04

Motives, methods of hackers are changing
Government Computer News, 3/25/04

Cybercrime-Hacking

Net firm admits '03 data leak may affect 1.4 million clients
Japan Times, 3/26/04

New Warning over Bank E-Mail Scam
Scotsman.com, 3/25/04

Laptop Theft Puts GMAC Customers' Data At Risk
Security Pipeline, 3/25/04

Politics-Legislation

RIAA applauds civil lawsuit P2P bill
vnunet.com, 3/26/04

United Nations ponders Net's future
ZDNet, 3/26/04

US online gambling laws ruled offside
Silicon.com, 3/25/04

Malware

New Spawn of Bagle Worm Unleashed
EWeek.com, 3/26/04

New Worms Stretching Across Web
EWeek.com, 3/25/04



Best Practices & Risk Management

Microsoft program: 'You patch, we pay'
Network World Fusion, 3/25/04

Security needs better education for programmers
Federal Computer Week, 3/25/04

Civil & Consumer Issues

'Piracy' extradition case rejected
Australian IT, 3/25/04

British Music Industry Takes Aim at Net Song Swappers
Reuters, 3/25/04



Homeland Security & Infrastructure Protection


Title: Ottawa to set up secure communication system safe from hackers
Source: Canoe Money
Date Written: March 25, 2004
Date Collected: March 26, 2004
The Canadian government is planning to build a government-wide communications system to prevent hackers and terrorists from intercepting government communications, according to Public Safety Minister Anne McLellan. The network is part of a larger plan to improve information sharing between security and intelligence agencies. Ms. McLellan argues that the existing system is secure, but currently consists of a patchwork of differing technologies that sometimes makes communications difficult. Canada's Auditor General, Sheila Fraser, will soon release a report analyzing the use of $7.7 billion allocated for security initiatives after the September 11 terrorist attacks against the United States, outlining some technical barriers hampering communications. Ms. McLellan stressed the need to prevent Canada from becoming a haven or launch-pad for terrorist attacks.
http://money.canoe.ca/News/Other/2004/03/25/395748-cp.html


Title: Motives, methods of hackers are changing
Source: Government Computer News
Date Written: March 25, 2004
Date Collected: March 26, 2004
Lawrence Hale, deputy director of US-CERT (United States Computer Emergency Response Team) at DHS (Department of Homeland Security), speaking at the FOSE 2004 conference, defended the lack of a White House cybersecurity advisor, a position which was eliminated after the release of the National Strategy to Secure Cyberspace. Mr. Hale argues that the cybersecurity officer served its purpose once the Strategy was produced, but after that, cybersecurity became a department-level matter. Mr. Hale also argued that hackers are changing their methods, targeting the backdoors opened by other hackers and viruses, then sealing them to keep the machine for themselves. Tom Reddington, director of Bell Labs' Internet Research Lab, warned that new types of malware may appear in the near future, such as polymorphic viruses designed to evade anti-virus signatures. Mr. Reddington argues that security must look at the entire information technology infrastructure, rather than just components, prompting research into such areas as protocol security.
http://www.gcn.com/vol1_no1/daily-updates/25404-1.html

Cybercrime-Hacking


Title: Net firm admits '03 data leak may affect 1.4 million clients
Source: Japan Times
Date Written: March 26, 2004
Date Collected: March 26, 2004
Yoshio Sakata, president of Japanese Internet service provider ACCA Networks, has announced that personal data on at least 201 customers have been leaked, raising the possibility that data on all of ACCA's 1.1 million current customers and 300,000 former customers may have also been leaked. The data include names, addresses, phone numbers, gender, and e-mail addresses. The company learned of the leak, which it believes had occurred between March and May of 2003, after it received a list of 201 customers from a third party. Discrepancies in the gender record suggest the list has been reprocessed. ACCA believes the leak to have been committed by an insider, and has since taken steps to improve security.
http://www.japantimes.co.jp/cgi-bin/getarticle.pl5?nb20040326a1.htm


Title: New Warning over Bank E-Mail Scam
Source: Scotsman.com
Date Written: March 25, 2004
Date Collected: March 26, 2004
Britain's Association of Payment Clearing Services (APACS) warned bank customers to look out for e-mail 'phishing' scams and be wary of revealing account details, noting a substantial increase in the number of people receiving e-mails claiming to be from their bank in the last few days. The e-mails generally claim the bank has updated its anti-fraud systems, and need the customers to reactivate their accounts by clicking on a provided link. The link leads to a spoof of the bank's webpage which gathers account details from users. An APACS spokesman says the recent attacks are targeting international banks as well as banks in the United Kingdom, Spain, France, and Belgium. Users should always type in their bank's Internet address to avoid following a link to a spoof page.
http://news.scotsman.com/latest.cfm?id=2696802


Title: Laptop Theft Puts GMAC Customers' Data At Risk
Source: Security Pipeline
Date Written: March 25, 2004
Date Collected: March 26, 2004
GMAC Insurance has been informing 200,000 of its customers that they may be in danger of identity theft after two laptop computers were stolen from an employee's car outside a regional office in Atlanta, Georgia. The stolen laptops contained names, addresses, birthdates, Social Security numbers, credit scores, marital status, and gender. GMAC recommends customers put a fraud alert on their credit files. Their letters, dated March 12, say the theft took place January 26. One GMAC customer, describing himself as a "30-year IT veteran," questioned GMAC's security competence upon learning that sensitive data were kept on laptops. GMAC says it is reviewing its policies.
http://www.securitypipeline.com/news/18402599jsessionid=GCT5OQKDPYZ4IQSNDBGCKHQ

Politics-Legislation


Title: RIAA applauds civil lawsuit P2P bill
Source: vnunet.com
Date Written: March 26, 2004
Date Collected: March 26, 2004
The Recording Industry Association of America (RIAA) is welcoming a proposal from the Justice Department to allow the government to file civil claims with damages in copyright infringement cases, without creating a criminal record for the defendant. RIAA chair Mitch Bainwol applauds the proposal, saying it gives federal prosecutors flexibility in dealing with piracy. The RIAA and the Federal Bureau of Investigation have also announced a voluntary, government sanctioned anti-piracy seal for copyrighted music to warn users against illegal file sharing.
http://www.vnunet.com/News/1153836


Title: United Nations ponders Net's future
Source: ZDNet
Date Written: March 26, 2004
Date Collected: March 26, 2004
Officials from around the world gathered at a United Nations (UN) summit to discuss issues of Internet governance, including such technical issues as domain names and root servers as well as social issues such as privacy, intellectual property, and free speech. UN Secretary General Kofi Annan criticized the current system as dominated by the United States, Europe, and Japan, arguing that the Internet must be "accessible and responsive to the needs of all the world's people." Root servers for top-level country code domains are currently managed by volunteers, rather than a UN-style agency. A number of countries argue that only money and investment from richer countries can end the "digital divide" keeping poorer nations off the Internet. Many view ICANN (Internet Corporation for Assigned Names and Numbers), the current manager of the Internet, as too closely allied to wealthier countries. Many technical groups, such as the World Wide Web Consortium (W3C) and the Internet Engineering Task Force (IETF) argue that their processes are open and international.
http://zdnet.com.com/2100-1104_2-5179694.html


Title: US online gambling laws ruled offside
Source: Silicon.com
Date Written: March 25, 2004
Date Collected: March 26, 2004
The World Trade Organization (WTO) has agreed with a complaint from Antigua and Barbuda, and ruled that recent American actions against online gambling sites constitute a violation of agreements banning limitations on trade in services. The US Justice Department disagrees, arguing that the agreement predated widespread Internet use. Measures to ban online gambling are currently in preparation in US Congress. Currently, the Justice Department points to the 1961 Wire Act, aimed at Mafia-controlled sports-betting information services, as the basis for its actions. Antigua, with a population of 67,000, used to have 5,000 employed by online casinos, but that number has shrunk to 1,000 due to American actions.
http://www.silicon.com/management/government/0,39024677,39119542,00.htm

Malware


Title: New Spawn of Bagle Worm Unleashed
Source: EWeek.com
Date Written: March 26, 2004
Date Collected: March 26, 2004
Yet another Bagle variant, Bagle.U, has begun circulating in Europe, using none of the social engineering tactics of its predecessor variants. Bagle.U arrives in an e-mail with a blank subject line and no text, with a spoofed sender address. The attached executable file has a randomly generated name. After infection, Bagle.U mass-mails itself to e-mail addresses in the infected machine's address book. Bagle.U also opens a backdoor on TCP (Transfer Control Protocol) port 4751, and reports infected machines to a German web server. The worm can also download updated copies or a batch file to remove itself. Bagle.U sometimes plays the Hearts card game included with Windows. The worm is set to expire on January 1, 2005.
http://www.eweek.com/article2/0,4149,1554954,00.asp?kc=EWRSS03119TX1K0000594


Title: New Worms Stretching Across Web
Source: EWeek.com
Date Written: March 25, 2004
Date Collected: March 26, 2004
Two low-threat worms have appeared in the wild, known as Mywife and Snapper. Mywife appears the more dangerous of the two. It comes with two file attachments: a Norton Antivirus 2004 logo used to "certify" the second file as virus free, and a compressed file with a variety of names, such as Aprilgoostree, Parishilton, Rickymartin, or a random profanity. The package comes in an e-mail with a vaguely pornographic subject line and message, or as a warning that the user's computer is infected with the fictitious BlackWorm virus. Once on a Windows machine, Mywife removes registry keys for antivirus software. The Snapper worm resembles the last few variants of the Bagle worm, and forces a computer to download a file named HTMLhelp.cgi from a server located at 198.170.245.129.
http://www.eweek.com/article2/0,1759,1554602,00.asp



Best Practices & Risk Management


Title: Microsoft program: 'You patch, we pay'
Source: Network World Fusion
Date Written: March 25, 2004
Date Collected: March 26, 2004
Microsoft has announced its Patch Assurance Security Service, a program targeting its enterprise customers, offering free security audits and payments for the services of a third party security consultant, such as Internet Security Systems. No figures are available on the cost of the program, but Microsoft defines "enterprise customers" as organizations with 500 or more Windows desktops. Microsoft hopes to improve Internet security by promoting patch management best practices, and to boost its credibility on security issues. The audits will result in recommendations and actionable steps to improve patch management. Recommendations will include use of Microsoft's Systems Management Server (SMS) and Software Update Services (SUS). John Pescatore, vice president of the Gartner research firm, says the limited product focus could create a problem for Microsoft, describing SMS as "not a strong product." Internet Security Systems also plans to offer a range of security assessment services for Microsoft customers.
http://www.nwfusion.com/news/2004/0325mspatch.html


Title: Security needs better education for programmers
Source: Federal Computer Week
Date Written: March 25, 2004
Date Collected: March 26, 2004
Lawrence Hale, deputy director of the Department of Homeland Security's (DHS) US-CERT (United States Computer Emergency Response Team), speaking at the FOSE 2004 conference, argued that education aimed at college programming students would help cut down the number of software vulnerabilities exploitable in cyber attacks. Though it would take years for the improvements to show up in commercial software, the need is growing as malicious hackers are now working for profit. DHS is also working with Lucent Technologies' Bell Labs to develop tools to detect the precursors of a network attack.
http://fcw.com/fcw/articles/2004/0322/web-secure-03-25-04.asp

Civil & Consumer Issues


Title: 'Piracy' extradition case rejected
Source: Australian IT
Date Written: March 25, 2004
Date Collected: March 26, 2004
An Australian Magistrate has rejected a United States extradition request in the case of Hew Raymond Griffiths, 41, accused of leading the Drink or Die software piracy ring. According to a grand jury indictment in the American state of Virginia, Mr. Griffiths controlled a drop site for pirated software on a Massachusetts Institute of Technology computer network. The group allegedly received software titles before their release dates, broke their copy-protection, and repackaged them. Magistrate Daniel Reiss rejected the case, noting that the crimes are alleged to have occurred in Australia; Mr. Griffiths had never fled the United States. The Magistrate argues that the case highlights the need for Parliament to update extradition laws to address new technologies.
http://australianit.news.com.au/articles/0,7204,9071448^15331^^nbv^15306-15318,00.html


Title: British Music Industry Takes Aim at Net Song Swappers
Source: Reuters
Date Written: March 25, 2004
Date Collected: March 26, 2004
The British Phonographic Industry has announced that it will begin issuing legal warnings to serial uploaders and file swappers. This brings the British music industry one step closer to pursuing lawsuits against users of peer-to-peer (P2P) file trading networks such as Kazaa, which it blames for a global drop in compact disc sales. The British music market may be making a comeback, with a 2.1% increase in 2003 album sales, but piracy levels are increasing throughout Europe. Lawsuits in the United States have met with mixed success, with a decline in P2P use shortly after the RIAA (Recording Industry Association of America) began its lawsuits, but now climbing back up again. The lawsuits have also earned the RIAA bad press, prompting the European music industry to pursue consumer education instead.
http://www.reuters.com/newsArticle.jhtml?type=internetNews&storyID=4660335


The Institute for Security Technology Studies (ISTS) accepts no responsibility for any error or omissions in this e-mail. The information presented is a compilation of material from various sources and has not been verified by staff of the ISTS. Therefore, the ISTS cannot be made responsible for the factual accuracy of the material presented. The ISTS is not liable for any loss or damage arising from or in connection with the information contained in this report. It is the responsibility of the user to evaluate the content and usefulness of this information. References in this e-mail to any specific commercial products, processes, or services by trade name, trademark, manufacturer, or otherwise, does not constitute or imply endorsement, recommendation, or favoring by the ISTS. ISTS is a research, not operational, organization, and makes its Security in the News e-mail available as a public service on a best-effort basis. Security in the News will be sent out on most business days, but not all.

Institute for Security Technology Studies
Dartmouth College
45 Lyme Road, Suite 200
Hanover, NH 03755
Tel: (603) 646 0700
E-mail: dailyreport@ists.dartmouth.edu


